Economics, Psychology, and Sociology of
SecurityMy new colleague Seb sent me this link
to a PDF file. The author argues that approaching the
concept of security from the point of view of formal
methods is a fundamental mistake. Formal systems do not
allow people to break the rules or interpret the rules, and
yet, this is essential. When a DRM system says "do not
copy" then you can't copy. period. It wouldn't matter if a
life depended on it, you couldn't break the rule. But
people do not adapt well to absolutes. This is because
people, unlike formal systems, are acutely aware of
context, and so know when a rule should be bent or broken
(and by the same token, are able to recognize when an
inherently insecure system, such as fax signatures, has
been breached). We don't see that yet in DRM, and until we
do, no DRM system will succeed. By Andrew Odlyzko,
Financial Cryptography 2003, J. Camp and R. Wright, eds.,
December 31, 200-31 8:33 p.m.
[Refer][Research][Reflect]

What's In a Name?It seems like an
eon ago that Jay Cross declared e-learning dead, but it was
only a couple of months. Kevin Kruse responds to this claim
in his July column, arguing that it really depends on how
you define e-learning. "If we use a broad definition, we
can see the many successes of e-learning and even see how
it has permeated our everyday lives." I really like his
example: "I turned to my laptop and searched for 'bears
nocturnal' on Google, and in a 10th of a second I received
20,500 pages of information. Of course, it only took the
first page to let me know that bears are mostly nocturnal
(it depends on the season and how hungry the bears are).
Was this e-learning? By most definitions, no. There was no
support, community, multimedia, tracking or structured ISD
process. Were digital technologies involved? Yes. Did my
daughter and I learn something? Yes again. To me, that
makes it an e-learning experience." This, to me, not merely
counts as e-learning, it is definitive of
e-learning. Now, if only we could convince publishers that
a tenth of a second (or so), rather than two months, is the
new norm. By Kevin Kruse, Chief Learning Officer, July,
2003
[Refer][Research][Reflect]

RFID Chips Are HereTwo major
items make this article worth a read. The first is the
clearest evidence yet that RFID tags are upon us. If
WalMart is interested, everybody is interested. The second
is a very clear description of some of the implications of
RFID. An RFID tag embedded, say, in a pair of jeans follows
the product for its entire lifetime, broadcasting its
unique identity. So when you walk into the Gap they will
know instantly (by scanning your Levis) whether you are a
regular customer or just a poseur. "Right now, you can buy
a hammer, a pair of jeans, or a razor blade with anonymity.
With RFID tags, that may be a thing of the past." By Scott
Granneman, Security Focus, June 26, 2003
[Refer][Research][Reflect]

Dan BrickleyThis link is to an
RDF file (which means it might not display very well in
your browser). The purpose of this link is not to discuss
the subject (Dan Brickley, who you can read about here) but rather to show an example of a
FOAF (Friend of
a Friend) file. If you are not afraid of XML squiggles,
have a look. I point, in particular, to the <Person>
element at the top of the page. What we have here is an XML
description of Dan Brickley, including his current email
address, date of birth, image, nearest airport, school home
page, and more. Now the purpose of FOAF is to create a web
of trust - the file includes the identities Brickley knows
and trusts; the idea is that, if you trust Brickley, you
can probably trust the people he trusts, and hence, trust
people who might be (via a FOAF chain) complete strangers.
But I am more interested in the concept as a means of
identification. think about it. When we enter a
value into the <creator> field of a Dublin Core or
Learning Object Metadata file, which would be more useful,
Brickley's name, typed as a string, or the address of his
FOAF file? Keep in mind, his FOAF file is under his
control. If he changes his email address, his place of
employment, or even his name, this file changes. The answer
is pretty obvious. So why, then, are we doing it the other
way? By Dan Brickley, July, 2003
[Refer][Research][Reflect]

Mind of a Teacher Steven Pinker
talks about reaction to his online course, offers
reflections on contemporary pedagogy ("Too often, he says,
teaching is based on presenting and analysing flaws and
contradictions in research data"), and levels some scathing
criticism of academic publishers ("[Journal publishers] add
virtually zero value, don't pay editors or writers, and
make a fortune. All they ever did was smear ink on the
paper and put copies in the mail.") It would be just
another opinion... but this is Steven
Pinker talking. By John Bald, The Guardian, June 24,
2003
[Refer][Research][Reflect]

OriginalWorksThis is interesting.
I described last week a system that allows you to publish
your own book online. Well, XanEdu is today marketing a
system called OriginalWorks, a system that "specializes in
publishing academic work for use in your classroom,
transforming your own personal work into a professional,
high quality book," according to the mailout. Nothing on
the site about price - you have to call them or send an
email - which suggests that this is not a free service.
Still: what do the publishers do? By Various Authors,
XanEdu, July, 2003
[Refer][Research][Reflect]

Schools Rebuke Music Biz
DemandsThe Massachusetts Institute of
Technology and Boston College have refused the music
industry's demands that they reveal the names of students
suspected of file sharing. But let's not get ahead of
ourselves: the schools' objections are procedural, not
principled. "We are opposing the subpoenas, not in an
effort to protect students from the consequences of
copyright infringement, but rather to establish the proper
procedures to be followed in the future." Yeah, whatever.
By Katie Dean, Wired News, July 23, 2003
[Refer][Research][Reflect]